Cyber-crime Threat in Australia
Cyber criminals typically follow the money. Australia’s relative wealth, high levels of internet access, and growing online channel distribution make it very attractive and lucrative for cyber-crime adversaries. Transnational cyber-crime syndicates and their affiliates, which produce, distribute, sell, and use sophisticated tools and techniques, are a growing concern.
Cyber-crime is one of Australia’s most common threats and the most significant threat in terms of overall scale and effect on individuals and businesses. The Australian Cyber Security Centre (ACSC) responded to 2,266 cyber security incidents between July 2019 and 2020 amounting to a loss of more than $630 million to Australian Businesses.
Why Small Businesses?
The Internet is an affordable and efficient platform for small businesses to sell and promote their goods and services. However, the internet also offers opportunities for fraudulent conduct and unauthorised access to company and client data. Attacks on a business computer system can generate immediate and ongoing effects, such as targeting customers for identity crimes or infecting website visitors with malicious software.
It is argued that small Australian businesses have been slow to implement security technologies and policies to secure their information systems, making them vulnerable to current and future threats. The ACSC’s, small business cyber security guide highlights another major issue is the limited spending by SMEs on cyber-security, which correlates to their low annual turnover effected more so by the pandemic.
Internet Security Threat Reports illustrate that small businesses are the subject of 43% of all cyber-crimes and escalating. These attacks impair productivity, interrupt company operations and result in a loss of information and revenue.
Since 1 July 2019, there has been more than 59,000 cybercrime reports averaging 164 daily or approximately one report every 10 minutes. The most common category of cyber-crime reported is fraud (40%), which relates to criminals who profit by deception, such as investment, shopping, or romance scams. Identity theft and misuse of personal information was the second most common category (32%) followed by ‘cyber abuse’ (22%)
Tips for your small business
One of Coraggio’s members, Martin Boyd, Director of Cyber Security at Vertex Security believes that, while Australians continue to work from home, business leaders should create a long-term approach to their cyber security strategy.
Martin has compiled a list of 10 cyber security tips for small businesses to protect both your business’ data and employees:
Implement a Security Policy
Organise employee security training so they know how to avoid sharing passwords via email or instant messaging, saving passwords to their devices, and using their own personal devices while working.
Ensure All Software is Updated
Hackers may have increased ability to find loopholes through outdated software. Proactively updating your software can help to protect against potential spam (phishing) emails requesting your employees to update their software.
Use Password Protection Software
Tools such as Bitwarden and LastPass allow your business management to share passwords directly with team members whilst ensuring they are not being shared casually among the team. Ideally, employees should not know passwords, unless there is a specific reason.
Use Two-factor Authentication
Working remotely can make it challenging to track which employees are using each program. Two-factor authentication adds another level of security to the login process, assisting to reduce accounts getting hacked from multiple employees using the different software.
Two-factor authentication can require multiple passwords or confirming identity through another device to gain access. Ensure only relevant staff members have access to necessary software and platforms. If you are using a password-sharing platform, you can always monitor user access.
Ensure Autofill is Not Used
Disabling auto-fill passwords increases your level of security by ensuring browsers do not save passwords, whether used with or without a password sharing platform. It makes it more difficult for hackers to gain login details.
Limit File Uploads
A large volume of file uploads in a short period of time can cause leaks in your online security system via a bug. This can make it easier for hackers to gain access to your files and read the data on your website.
Use an SSL Certificate
An SSL Certificate offers end-to-end encryption and therefore incredibly important. By default, your data is transferred via plain text between your browser and server, making this information easy to access by hackers.
Implement a Spam Filter
A spam filter removes malicious content that could spread viruses and assist hackers to mount a cyber-attack.
Social engineering usually involves tricking people into breaking standard security practices. For example, if a hacker is unsuccessful in gaining access to your data, they may gain information through your social media accounts. Hackers can analyse your messaging and use it to gather information to conduct a cyber-attack.
Ensure the information you are sharing does not relate to any passwords, and you regularly change your passwords, especially on your social channels.
Hire a Cyber Security Specialist
Hire a cyber security specialist to oversee your security campaign, manage your reputation, mitigate risk, and ensure growth. The increase in cyber-crime in Australia means having a game plan is essential to ensure your data and employees stay safe.
Manage your cyber security risk one step further by requesting all employees install XSurfLog. Additionally, Machine Learning (Al) is a free browser extension that protects against phishing, which is the number one cause for data breaches and will defend against it.
Imagine gaining peace of mind to seamlessly access these answers and navigate other business challenges as they arise, simply by connecting with empathetic, knowledgeable industry peer leaders and entrepreneurs?
We encourage you to leverage Coraggio’s support system and capitalise on our give-and-take dynamic amongst people who have walked the path before.